Saturday, June 25, 2011

The Growing Need for Cyber Security

There have been a number of shocking events over the past year and a half in the world of cybersecurity.

Some of the events include: mass breaches of consumer information at Sony and elsewhere, the Stuxnet worm's stealthy attack on the Iranian nuclear program, the security breach at defense contractor Lockheed Martin and the Chinese electronic break-in at Google.

These events led US Attorney-General Eric Holder to comment recently, “Cybercrime threatens the security of our systems as well as the integrity of our markets.”

Such breaches of security have forced a broad recognition that, despite the difficulties, all those using the net must accept cybersecurity as part of their mission.

The New Normal

Cyber intrusions are fast becoming the norm at even the world's most technologically sophisticated companies. This surprisingly includes some companies that have security as their main mission.

One such example is the problem this year at RSA, the security company owned by EMC. This problem prompted the National Security Agency to warn that RSA's SecuriD keys, with fast-changing numeric passwords, should no longer be sufficient to grant access to critical infrastructure. The compromised security keys were involved in the May hacker attack of Lockheed Martin.

Security breaches are also reaching wider and lower. And not just through one-time assaults like the one on Sony which revealed details on 100 million users of its online gaming networks.

Consumers' computers are increasingly at risk directly from virus infections that are undetected by standard security software and that do more harm than their predecessors.

The fastest growing types of infections install software that records keystrokes, including logins and passwords. Then the data is whisked off to overseas criminal gangs that make use of consumers' personal information.

Additional Factors

Compounding and uniting these cyber threats are two fast-growing phenomena.

The first phenomena is social networking.

At social networking sites, individuals often give all sorts of clues about themselves that can be used against them in phishing scams. Also users at these sites have been “trained” to click on shortened web links...web links that could lead to malicious pages.

Targeted emails to employees are the delivery method of choice for intrusions such as those at Google and RSA. These emails were made more credible by public information gathered on employees at various social networking sites.

The second phenomena is the rise of mobile devices.

These are devices generally controlled by employees but often have widespread workplace access. These devices are just beginning to be targeted by in earnest by hackers.

What is surprising here is how antiquated the thinking is at many businesses. Many times smartphones and tablets are issued to employees without encryption, authentication or anti-malware software.

What the Future Holds

The advances in software and the increasing use of the internet have made cyber defense more difficult, not easier.

Mr. Holder put it best when he said, “For every technological or commercial quantum leap, criminals and criminal syndicates have kept pace.”

In effect, these criminal gangs are great capitalists. They make money from one scam and reinvest the money into new research and development to stay ahead of the cyber security profession. And they pay their “professionals” top dollar to keep them happy and hacking.

Then there is the problem quite apart from criminal activity. There is growing evidence of politically motivated attacks over the internet, targeting various organization and companies, from so-called 'hacktivists'.

Hacktivists usually use techniques involving relatively unsophisticated malware but which use the sheer weight of numbers. These type of attacks have brought down systems belonging to companies including PayPal and Visa.

The danger is that hacktivists don't operate on a profit and loss basis. So tools and techniques that may deter criminals because of the high cost involved to get around security measures will not work on hacktivists.

The result is that businesses today are forced to defend themselves on two fronts: against highly skilled cybercriminals using the latest technology and hacktivists using less sophisticated, but still successful methods.

The IT industry has been playing catch-up with hackers and cybercriminals for decades. And the problem is just getting worse. Look for this 'war' without end to continue.

1 comment: